Unstable internet
Posted: 27 Sep 2013 23:20
Hello, lately my internet has been really strange. For example, for a while I have a download speed (or ping and so on) of 900kb/s and within a second it is 10, then maybe 100, then 2, etc. It keeps changing and mostly stays low. The signal strength is similar. Sometimes it is 3, sometimes 2, sometimes 1, sometimes I have no signal at all, and I am not moving the PC. Sometimes, even when the signal strength is, say, 3, the internet does not work for me at all. It is just really strange, so I would like to ask you to check the log and find a virus or other junk that could be causing this.
Here is the log from RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2013-09-28 00:18:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 328 GB (69%) free of 477 GB
Total RAM: 4077 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:18:28, on 28.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16506)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\XBMC\XBMC.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-364043595-4193283426-3867064022-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-364043595-4193283426-3867064022-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: SetPointII.lnk = ?
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCFEE1B4-CAE6-4CB4-9B14-2A28BFE56AD2}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7662 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {B9A5E720-D402-47D8-9402-E835C2E2076D}
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2044
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\XBMC\XBMC.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Michal\Desktop\Stažené\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-25 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-25 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1873256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaMessenger]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2013-09-05 9846576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2013-09-05 9846576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-09-06 1811368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2008-11-07 517384]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-09-03 40312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-09-28 00:18:21 ----D---- C:\Program Files\trend micro
2013-09-28 00:18:20 ----D---- C:\rsit
2013-09-28 00:02:03 ----D---- C:\Program Files (x86)\SimilarSites
2013-09-28 00:02:01 ----D---- C:\Users\Michal\AppData\Roaming\SimilarSites
2013-09-24 23:22:41 ----SHD---- C:\ProgramData\SecuROM
2013-09-24 22:59:32 ----RHD---- C:\Users\Michal\AppData\Roaming\SecuROM
2013-09-24 21:18:02 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2013-09-24 20:59:54 ----D---- C:\Program Files (x86)\Rockstar Games
2013-09-24 04:24:07 ----D---- C:\ProgramData\suaveenshARe
2013-09-24 04:21:10 ----D---- C:\ProgramData\InstallMate
2013-09-23 19:24:48 ----D---- C:\ProgramData\Electronic Arts
2013-09-15 19:37:36 ----A---- C:\Windows\wininit.ini
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\wow64win.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\wow64.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\winsrv.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\smss.exe
2013-09-15 18:32:09 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-15 18:32:09 ----A---- C:\Windows\system32\ntdll.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\kernel32.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\conhost.exe
2013-09-15 18:32:09 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\wksprtPS.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\wksprt.exe
2013-09-15 18:31:31 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-09-15 18:31:31 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-15 18:31:31 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\tsgqec.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\rdpudd.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\rdpcorets.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\mstscax.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\mstsc.exe
2013-09-15 18:31:31 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-09-15 18:31:31 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-09-15 18:31:31 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-09-15 18:31:31 ----A---- C:\Windows\system32\aaclient.dll
2013-09-15 18:30:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-09-15 18:30:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-15 18:30:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-15 18:30:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-15 18:30:48 ----A---- C:\Windows\system32\mshtmled.dll
2013-09-15 18:30:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-15 18:30:48 ----A---- C:\Windows\system32\ieui.dll
2013-09-15 18:30:48 ----A---- C:\Windows\system32\ieframe.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-09-15 18:30:47 ----A---- C:\Windows\system32\wininet.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\vbscript.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\mshtml.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\jscript9.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\jscript.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\ieUnatt.exe
2013-09-15 18:30:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-15 18:30:46 ----A---- C:\Windows\SYSWOW64\url.dll
2013-09-15 18:30:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-15 18:30:46 ----A---- C:\Windows\system32\urlmon.dll
2013-09-15 18:30:46 ----A---- C:\Windows\system32\url.dll
2013-09-15 18:30:46 ----A---- C:\Windows\system32\iertutil.dll
2013-09-15 18:29:59 ----A---- C:\Windows\system32\win32k.sys
2013-09-15 18:29:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-09-15 18:29:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-09-15 18:29:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-09-15 18:29:32 ----A---- C:\Windows\system32\schannel.dll
2013-09-15 18:29:32 ----A---- C:\Windows\system32\lsasrv.dll
2013-09-15 18:29:32 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-09-15 18:29:32 ----A---- C:\Windows\system32\drivers\cng.sys
2013-09-15 18:28:51 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-15 18:28:51 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-15 18:28:51 ----A---- C:\Windows\system32\shell32.dll
2013-09-15 18:28:51 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-15 18:28:01 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-15 18:27:44 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-09-15 18:27:44 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-09-15 18:25:33 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-09-15 18:25:33 ----A---- C:\Windows\system32\tzres.dll
2013-09-15 18:24:46 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-09-15 18:24:46 ----A---- C:\Windows\system32\rpcrt4.dll
2013-09-15 18:24:26 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-09-15 18:24:26 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-09-15 18:24:10 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-09-15 18:23:48 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-09-15 18:23:48 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-09-15 18:23:48 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-09-15 18:23:48 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-09-15 18:23:48 ----A---- C:\Windows\system32\wintrust.dll
2013-09-15 18:23:48 ----A---- C:\Windows\system32\cryptsvc.dll
2013-09-15 18:23:48 ----A---- C:\Windows\system32\cryptnet.dll
2013-09-15 18:23:48 ----A---- C:\Windows\system32\crypt32.dll
2013-09-15 18:23:09 ----D---- C:\34670d38f2961b2fe935b05354
2013-09-15 18:23:00 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-09-15 18:23:00 ----A---- C:\Windows\system32\qedit.dll
2013-09-15 18:22:07 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-09-15 18:22:07 ----A---- C:\Windows\system32\DWrite.dll
2013-09-15 18:11:56 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-09-15 18:11:56 ----A---- C:\Windows\system32\win32spl.dll
2013-09-15 18:11:35 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-09-15 18:11:35 ----A---- C:\Windows\system32\cryptdlg.dll
2013-09-15 18:10:48 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-09-15 18:10:48 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-09-15 18:10:48 ----A---- C:\Windows\system32\certutil.exe
2013-09-15 18:10:48 ----A---- C:\Windows\system32\certenc.dll
2013-09-15 18:10:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-09-15 18:10:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-09-15 18:10:19 ----A---- C:\Windows\system32\cdd.dll
2013-09-15 18:07:31 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-09-15 18:07:31 ----A---- C:\Windows\system32\consent.exe
2013-09-15 18:07:31 ----A---- C:\Windows\system32\authui.dll
2013-09-15 18:07:31 ----A---- C:\Windows\system32\appinfo.dll
2013-09-15 18:07:07 ----A---- C:\Windows\system32\wwansvc.dll
2013-09-15 18:07:07 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-09-15 18:06:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-09-15 18:06:13 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-09-15 18:05:48 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-09-15 18:02:54 ----A---- C:\Windows\system32\taskhost.exe
2013-09-15 18:02:31 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-09-15 18:02:31 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-09-15 18:02:31 ----A---- C:\Windows\system32\Wpc.dll
2013-09-15 18:02:31 ----A---- C:\Windows\system32\gameux.dll
2013-09-15 18:01:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-09-15 18:01:14 ----A---- C:\Windows\system32\ncrypt.dll
2013-09-15 17:58:09 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-09-15 17:58:09 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-09-15 17:58:09 ----A---- C:\Windows\system32\msxml6.dll
2013-09-15 17:58:09 ----A---- C:\Windows\system32\msxml3.dll
2013-09-15 17:57:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-09-15 17:57:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-09-15 17:57:58 ----A---- C:\Windows\system32\atmlib.dll
2013-09-15 17:57:58 ----A---- C:\Windows\system32\atmfd.dll
2013-09-15 17:56:58 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-09-15 17:56:58 ----A---- C:\Windows\system32\dpnet.dll
2013-09-15 17:56:50 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-09-15 17:56:50 ----A---- C:\Windows\system32\synceng.dll
2013-09-15 17:56:43 ----A---- C:\Windows\system32\Wdfres.dll
2013-09-15 17:56:43 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-09-15 17:56:43 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-09-15 17:52:03 ----SHD---- C:\Config.Msi
2013-09-15 17:51:17 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-09-15 17:51:17 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-09-15 17:51:17 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-09-15 17:51:17 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-09-15 17:50:55 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\nlasvc.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\nlaapi.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\netevent.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\ncsi.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-09-15 17:50:54 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-09-15 17:50:54 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-09-15 17:50:54 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-09-15 17:50:54 ----A---- C:\Windows\system32\netcorehc.dll
2013-09-15 17:48:55 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2013-09-15 17:07:31 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-09-15 17:00:47 ----D---- C:\ProgramData\IObit
2013-09-15 17:00:44 ----D---- C:\Users\Michal\AppData\Roaming\IObit
2013-09-15 17:00:39 ----D---- C:\Program Files (x86)\IObit
2013-09-11 23:46:50 ----D---- C:\Users\Michal\AppData\Roaming\XBMC
2013-09-11 23:45:46 ----D---- C:\Program Files (x86)\XBMC
2013-09-10 20:40:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-09-07 13:56:59 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-09-07 13:56:57 ----D---- C:\Windows\PCHEALTH
2013-09-05 23:35:30 ----D---- C:\Users\Michal\AppData\Roaming\OBS
2013-09-04 19:31:06 ----D---- C:\ProgramData\Orbit
2013-09-04 15:30:32 ----D---- C:\Program Files (x86)\Ubisoft
2013-09-03 10:05:25 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2013-09-02 22:24:49 ----D---- C:\Users\Michal\AppData\Roaming\VitySoft
2013-09-02 21:13:38 ----D---- C:\Users\Michal\AppData\Roaming\.minecraft
2013-09-02 20:28:19 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
======List of files/folders modified in the last 1 month======
2013-09-28 00:18:28 ----D---- C:\Windows\Prefetch
2013-09-28 00:18:21 ----RD---- C:\Program Files
2013-09-28 00:17:32 ----D---- C:\Windows\Temp
2013-09-28 00:09:26 ----D---- C:\Windows\system32\NDF
2013-09-28 00:08:48 ----D---- C:\Windows\inf
2013-09-28 00:07:07 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2013-09-28 00:07:06 ----D---- C:\Program Files (x86)\Steam
2013-09-28 00:07:00 ----D---- C:\Windows\System32
2013-09-28 00:06:58 ----D---- C:\Windows\Logs
2013-09-28 00:06:58 ----D---- C:\Windows
2013-09-28 00:02:03 ----RD---- C:\Program Files (x86)
2013-09-27 20:09:05 ----D---- C:\Windows\system32\config
2013-09-27 18:11:50 ----D---- C:\ProgramData\PMB Files
2013-09-27 17:43:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-27 17:38:45 ----D---- C:\Windows\system32\Tasks
2013-09-27 17:38:29 ----D---- C:\ProgramData\NVIDIA
2013-09-26 19:14:57 ----SHD---- C:\System Volume Information
2013-09-26 06:24:41 ----D---- C:\Windows\system32\catroot2
2013-09-24 23:22:41 ----HD---- C:\ProgramData
2013-09-24 23:17:27 ----SHD---- C:\Windows\Installer
2013-09-24 21:27:58 ----D---- C:\Windows\winsxs
2013-09-24 21:18:02 ----D---- C:\Windows\SysWOW64
2013-09-24 21:17:10 ----RSD---- C:\Windows\assembly
2013-09-24 21:00:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-23 05:49:25 ----D---- C:\Program Files (x86)\Common Files
2013-09-23 05:49:14 ----D---- C:\Users\Michal\AppData\Roaming\GarenaPlus
2013-09-23 05:49:14 ----D---- C:\ProgramData\GarenaMessenger
2013-09-23 05:48:52 ----D---- C:\Program Files (x86)\Garena Plus
2013-09-18 05:19:26 ----D---- C:\Windows\rescache
2013-09-16 22:57:50 ----D---- C:\Windows\Microsoft.NET
2013-09-15 19:37:39 ----SD---- C:\ProgramData\Microsoft
2013-09-15 19:32:07 ----D---- C:\Windows\AppPatch
2013-09-15 19:32:06 ----D---- C:\Windows\SYSWOW64\wbem
2013-09-15 19:32:06 ----D---- C:\Windows\SYSWOW64\en-US
2013-09-15 19:32:06 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-09-15 19:32:05 ----D---- C:\Windows\SYSWOW64\migration
2013-09-15 19:32:05 ----D---- C:\Windows\system32\wbem
2013-09-15 19:32:05 ----D---- C:\Windows\system32\migration
2013-09-15 19:32:05 ----D---- C:\Windows\system32\en-US
2013-09-15 19:32:05 ----D---- C:\Windows\system32\drivers\en-US
2013-09-15 19:32:05 ----D---- C:\Windows\system32\drivers
2013-09-15 19:32:05 ----D---- C:\Windows\system32\cs-CZ
2013-09-15 19:32:05 ----D---- C:\Windows\PolicyDefinitions
2013-09-15 19:32:05 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-15 19:32:04 ----D---- C:\Program Files\Internet Explorer
2013-09-15 19:32:02 ----D---- C:\Program Files\Windows Defender
2013-09-15 19:32:02 ----D---- C:\Program Files (x86)\Windows Defender
2013-09-15 19:32:01 ----D---- C:\Program Files\Windows Journal
2013-09-15 19:31:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-09-15 19:31:49 ----RSD---- C:\Windows\Fonts
2013-09-15 19:31:44 ----D---- C:\Windows\system32\DriverStore
2013-09-15 18:32:05 ----D---- C:\Windows\system32\catroot
2013-09-11 17:19:21 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-09-10 20:40:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-10 19:48:10 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2013-09-07 13:57:34 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2013-09-07 13:56:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-04 15:42:03 ----D---- C:\Windows\system32\LogFiles
2013-09-03 09:49:44 ----D---- C:\Program Files\WinRAR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-28 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2010-01-14 32544]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
R3 athr;Extensible Wireless LAN device driver for Windows 7; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-27 1550848]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-09-23 303616]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-09-23 35328]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-01-26 39808]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-01-26 64256]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-26 158976]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-07-27 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\drivers\nvstusb.sys [2011-10-15 291648]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-09-15 19456]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2010-01-14 29472]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-09-15 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-09-15 30208]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 136176]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-09-06 565672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-02 1255736]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2013-09-28 00:18:30
======Uninstall list======
-->MsiExec /X{4EAE665D-957A-4D04-9679-3AD582008877}
µTorrent-->"C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe -maintain plugin
Adobe Reader X (10.1.8) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Advanced SystemCare 6-->"C:\Program Files (x86)\IObit\Advanced SystemCare 6\unins000.exe"
Age of Empires Online-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/105430
Age of Empires Online-->MsiExec.exe /I{4D530FA3-9B89-4186-98B7-F51000008100}
Age of Empires Online-->MsiExec.exe /X{4D530FA3-9B89-4186-98B7-F51000008100}
Aktualizace NVIDIA 1.7.11-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Update
AMD Accelerated Video Transcoding-->MsiExec.exe /X{89EE4A30-080F-2C95-6F78-C98D18FBD74D}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{5E03A267-415E-5383-FA8F-3CE4145663B9} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{12D93D02-3C15-DF08-581F-52E4A1EB0A3D}
AMD Media Foundation Decoders-->MsiExec.exe /X{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}
Catalyst Control Center - Branding-->MsiExec.exe /I{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Čeština pro GTA IV v1.0.7.0 1.0.7.0-->C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\Uninstall.exe
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564}
Garena Plus-->C:\Program Files (x86)\Garena Plus\uninst.exe
Geeks3D.com FurMark 1.9.1-->"C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.9.1\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Java 7 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Logitech SetPoint 5.20-->MsiExec.exe /I{D3120436-1358-4253-9EB2-257FFE8CE1D9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft IntelliType Pro 8.2-->msiexec.exe /I {8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}
Microsoft IntelliType Pro 8.2-->MsiExec.exe /X{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
NVIDIA Ovladač 3D Vision 295.73-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.12.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 295.73-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 295.73-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{4EAE665D-957A-4D04-9679-3AD582008877}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.12.0209-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.PhysX
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Realtek Ethernet Diagnostic Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}\setup.exe" -runfromtemp -l0x0005 -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E7F6B64E-E11F-3D1C-868D-3F1443DA5A15} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Skype™ 6.1-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
suaveenshARe-->"C:\ProgramData\suaveenshARe\xM07DkGTDb.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""
TP-LINK Wireless Client Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{71BF8787-A67D-4CBC-9155-22927199F4BB}\setup.exe" -runfromtemp -l0x0009 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8C286FD4-AB38-37A6-BC8A-6F16AFE9AB1F} /parameterfolder Client
User's Guides-->MsiExec.exe /I{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}
VLC media player 2.0.4-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 4.11 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
======System event log======
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Spuštěno
Record Number: 27766
Source Name: Service Control Manager
Time Written: 20121024214603.184293-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Zastaveno
Record Number: 27765
Source Name: Service Control Manager
Time Written: 20121024214504.500937-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Klient DNS byl změněn na: Spuštěno
Record Number: 27764
Source Name: Service Control Manager
Time Written: 20121024214004.952029-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Klient DNS byl změněn na: Zastaveno
Record Number: 27763
Source Name: Service Control Manager
Time Written: 20121024211335.480976-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 27762
Source Name: Service Control Manager
Time Written: 20121024205645.174190-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Michal-PC
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1334
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120816123848.000000-000
Event Type: Informace
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 1333
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120724124935.325345-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: WIN-BCOF7N6CGEC
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 1332
Source Name: Microsoft-Windows-Search
Time Written: 20120724124932.000000-000
Event Type: Informace
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 1331
Source Name: Microsoft-Windows-Search
Time Written: 20120724124931.000000-000
Event Type: Informace
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 103
Message: Windows (2840) Windows: Databázový stroj zastavil instanci (0).
Record Number: 1330
Source Name: ESENT
Time Written: 20120724124931.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: WIN-BCOF7N6CGEC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-BCOF7N6CGEC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x240
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1371
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120724124932.579740-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 4738
Message: Byl změněn uživatelský účet.
Předmět:
ID zabezpečení: S-1-5-21-364043595-4193283426-3867064022-500
Název účtu: Administrator
Doména účtu: WIN-BCOF7N6CGEC
ID přihlášení: 0x2adbe
Cílový účet:
ID zabezpečení: S-1-5-21-364043595-4193283426-3867064022-500
Název účtu: Administrator
Doména účtu: WIN-BCOF7N6CGEC
Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -
Další informace:
Oprávnění: -
Record Number: 1370
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120724124930.879337-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1369
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120724124927.743731-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-BCOF7N6CGEC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x240
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1368
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120724124927.743731-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-364043595-4193283426-3867064022-500
Název účtu: Administrator
Název domény: WIN-BCOF7N6CGEC
ID přihlášení: 0x2adbe
Record Number: 1367
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120724124928.757733-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"configsetroot"=%SystemRoot%\ConfigSetRoot
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
"RGSCLauncher"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0
-----------------EOF-----------------
Here is the log from RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Michal at 2013-09-28 00:18:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 328 GB (69%) free of 477 GB
Total RAM: 4077 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:18:28, on 28.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16506)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\XBMC\XBMC.exe
C:\Program Files\trend micro\Michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-364043595-4193283426-3867064022-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-364043595-4193283426-3867064022-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: SetPointII.lnk = ?
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCFEE1B4-CAE6-4CB4-9B14-2A28BFE56AD2}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7662 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {B9A5E720-D402-47D8-9402-E835C2E2076D}
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2044
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\XBMC\XBMC.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Michal\Desktop\Stažené\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-25 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-25 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10 1873256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2012-09-24 490880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaMessenger]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2013-09-05 9846576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2013-09-05 9846576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-09-06 1811368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2008-11-07 517384]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-09-03 40312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-09-28 00:18:21 ----D---- C:\Program Files\trend micro
2013-09-28 00:18:20 ----D---- C:\rsit
2013-09-28 00:02:03 ----D---- C:\Program Files (x86)\SimilarSites
2013-09-28 00:02:01 ----D---- C:\Users\Michal\AppData\Roaming\SimilarSites
2013-09-24 23:22:41 ----SHD---- C:\ProgramData\SecuROM
2013-09-24 22:59:32 ----RHD---- C:\Users\Michal\AppData\Roaming\SecuROM
2013-09-24 21:18:02 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2013-09-24 20:59:54 ----D---- C:\Program Files (x86)\Rockstar Games
2013-09-24 04:24:07 ----D---- C:\ProgramData\suaveenshARe
2013-09-24 04:21:10 ----D---- C:\ProgramData\InstallMate
2013-09-23 19:24:48 ----D---- C:\ProgramData\Electronic Arts
2013-09-15 19:37:36 ----A---- C:\Windows\wininit.ini
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-15 18:32:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\user.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-09-15 18:32:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\wow64win.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\wow64cpu.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\wow64.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\winsrv.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\smss.exe
2013-09-15 18:32:09 ----A---- C:\Windows\system32\ntvdm64.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-15 18:32:09 ----A---- C:\Windows\system32\ntdll.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\kernel32.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-15 18:32:09 ----A---- C:\Windows\system32\conhost.exe
2013-09-15 18:32:09 ----A---- C:\Windows\system32\apisetschema.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-09-15 18:31:31 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\wksprtPS.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\wksprt.exe
2013-09-15 18:31:31 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-09-15 18:31:31 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-15 18:31:31 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\tsgqec.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\rdpudd.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\rdpcorets.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\mstscax.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\mstsc.exe
2013-09-15 18:31:31 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-09-15 18:31:31 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-09-15 18:31:31 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-09-15 18:31:31 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-09-15 18:31:31 ----A---- C:\Windows\system32\aaclient.dll
2013-09-15 18:30:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-09-15 18:30:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-09-15 18:30:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-09-15 18:30:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-09-15 18:30:48 ----A---- C:\Windows\system32\mshtmled.dll
2013-09-15 18:30:48 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-15 18:30:48 ----A---- C:\Windows\system32\ieui.dll
2013-09-15 18:30:48 ----A---- C:\Windows\system32\ieframe.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-09-15 18:30:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-09-15 18:30:47 ----A---- C:\Windows\system32\wininet.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\vbscript.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\mshtml.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\jscript9.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\jscript.dll
2013-09-15 18:30:47 ----A---- C:\Windows\system32\ieUnatt.exe
2013-09-15 18:30:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-09-15 18:30:46 ----A---- C:\Windows\SYSWOW64\url.dll
2013-09-15 18:30:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-09-15 18:30:46 ----A---- C:\Windows\system32\urlmon.dll
2013-09-15 18:30:46 ----A---- C:\Windows\system32\url.dll
2013-09-15 18:30:46 ----A---- C:\Windows\system32\iertutil.dll
2013-09-15 18:29:59 ----A---- C:\Windows\system32\win32k.sys
2013-09-15 18:29:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-09-15 18:29:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-09-15 18:29:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-09-15 18:29:32 ----A---- C:\Windows\system32\schannel.dll
2013-09-15 18:29:32 ----A---- C:\Windows\system32\lsasrv.dll
2013-09-15 18:29:32 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-09-15 18:29:32 ----A---- C:\Windows\system32\drivers\cng.sys
2013-09-15 18:28:51 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-09-15 18:28:51 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-09-15 18:28:51 ----A---- C:\Windows\system32\shell32.dll
2013-09-15 18:28:51 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-15 18:28:01 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-15 18:27:44 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-09-15 18:27:44 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-09-15 18:25:33 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-09-15 18:25:33 ----A---- C:\Windows\system32\tzres.dll
2013-09-15 18:24:46 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-09-15 18:24:46 ----A---- C:\Windows\system32\rpcrt4.dll
2013-09-15 18:24:26 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-09-15 18:24:26 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-09-15 18:24:10 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-09-15 18:23:48 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-09-15 18:23:48 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-09-15 18:23:48 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-09-15 18:23:48 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-09-15 18:23:48 ----A---- C:\Windows\system32\wintrust.dll
2013-09-15 18:23:48 ----A---- C:\Windows\system32\cryptsvc.dll
2013-09-15 18:23:48 ----A---- C:\Windows\system32\cryptnet.dll
2013-09-15 18:23:48 ----A---- C:\Windows\system32\crypt32.dll
2013-09-15 18:23:09 ----D---- C:\34670d38f2961b2fe935b05354
2013-09-15 18:23:00 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-09-15 18:23:00 ----A---- C:\Windows\system32\qedit.dll
2013-09-15 18:22:07 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-09-15 18:22:07 ----A---- C:\Windows\system32\DWrite.dll
2013-09-15 18:11:56 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-09-15 18:11:56 ----A---- C:\Windows\system32\win32spl.dll
2013-09-15 18:11:35 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-09-15 18:11:35 ----A---- C:\Windows\system32\cryptdlg.dll
2013-09-15 18:10:48 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-09-15 18:10:48 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-09-15 18:10:48 ----A---- C:\Windows\system32\certutil.exe
2013-09-15 18:10:48 ----A---- C:\Windows\system32\certenc.dll
2013-09-15 18:10:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-09-15 18:10:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-09-15 18:10:19 ----A---- C:\Windows\system32\cdd.dll
2013-09-15 18:07:31 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-09-15 18:07:31 ----A---- C:\Windows\system32\consent.exe
2013-09-15 18:07:31 ----A---- C:\Windows\system32\authui.dll
2013-09-15 18:07:31 ----A---- C:\Windows\system32\appinfo.dll
2013-09-15 18:07:07 ----A---- C:\Windows\system32\wwansvc.dll
2013-09-15 18:07:07 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-09-15 18:06:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-09-15 18:06:13 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-09-15 18:05:48 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-09-15 18:02:54 ----A---- C:\Windows\system32\taskhost.exe
2013-09-15 18:02:31 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-09-15 18:02:31 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-09-15 18:02:31 ----A---- C:\Windows\system32\Wpc.dll
2013-09-15 18:02:31 ----A---- C:\Windows\system32\gameux.dll
2013-09-15 18:01:14 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-09-15 18:01:14 ----A---- C:\Windows\system32\ncrypt.dll
2013-09-15 17:58:09 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-09-15 17:58:09 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-09-15 17:58:09 ----A---- C:\Windows\system32\msxml6.dll
2013-09-15 17:58:09 ----A---- C:\Windows\system32\msxml3.dll
2013-09-15 17:57:58 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-09-15 17:57:58 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-09-15 17:57:58 ----A---- C:\Windows\system32\atmlib.dll
2013-09-15 17:57:58 ----A---- C:\Windows\system32\atmfd.dll
2013-09-15 17:56:58 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-09-15 17:56:58 ----A---- C:\Windows\system32\dpnet.dll
2013-09-15 17:56:50 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-09-15 17:56:50 ----A---- C:\Windows\system32\synceng.dll
2013-09-15 17:56:43 ----A---- C:\Windows\system32\Wdfres.dll
2013-09-15 17:56:43 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-09-15 17:56:43 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-09-15 17:52:03 ----SHD---- C:\Config.Msi
2013-09-15 17:51:17 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-09-15 17:51:17 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-09-15 17:51:17 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-09-15 17:51:17 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-09-15 17:50:55 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\nlasvc.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\nlaapi.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\netevent.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\ncsi.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-09-15 17:50:55 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-09-15 17:50:54 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-09-15 17:50:54 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-09-15 17:50:54 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-09-15 17:50:54 ----A---- C:\Windows\system32\netcorehc.dll
2013-09-15 17:48:55 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2013-09-15 17:07:31 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-09-15 17:00:47 ----D---- C:\ProgramData\IObit
2013-09-15 17:00:44 ----D---- C:\Users\Michal\AppData\Roaming\IObit
2013-09-15 17:00:39 ----D---- C:\Program Files (x86)\IObit
2013-09-11 23:46:50 ----D---- C:\Users\Michal\AppData\Roaming\XBMC
2013-09-11 23:45:46 ----D---- C:\Program Files (x86)\XBMC
2013-09-10 20:40:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2013-09-07 13:56:59 ----D---- C:\Program Files\Microsoft IntelliType Pro
2013-09-07 13:56:57 ----D---- C:\Windows\PCHEALTH
2013-09-05 23:35:30 ----D---- C:\Users\Michal\AppData\Roaming\OBS
2013-09-04 19:31:06 ----D---- C:\ProgramData\Orbit
2013-09-04 15:30:32 ----D---- C:\Program Files (x86)\Ubisoft
2013-09-03 10:05:25 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2013-09-02 22:24:49 ----D---- C:\Users\Michal\AppData\Roaming\VitySoft
2013-09-02 21:13:38 ----D---- C:\Users\Michal\AppData\Roaming\.minecraft
2013-09-02 20:28:19 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
======List of files/folders modified in the last 1 month======
2013-09-28 00:18:28 ----D---- C:\Windows\Prefetch
2013-09-28 00:18:21 ----RD---- C:\Program Files
2013-09-28 00:17:32 ----D---- C:\Windows\Temp
2013-09-28 00:09:26 ----D---- C:\Windows\system32\NDF
2013-09-28 00:08:48 ----D---- C:\Windows\inf
2013-09-28 00:07:07 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2013-09-28 00:07:06 ----D---- C:\Program Files (x86)\Steam
2013-09-28 00:07:00 ----D---- C:\Windows\System32
2013-09-28 00:06:58 ----D---- C:\Windows\Logs
2013-09-28 00:06:58 ----D---- C:\Windows
2013-09-28 00:02:03 ----RD---- C:\Program Files (x86)
2013-09-27 20:09:05 ----D---- C:\Windows\system32\config
2013-09-27 18:11:50 ----D---- C:\ProgramData\PMB Files
2013-09-27 17:43:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-27 17:38:45 ----D---- C:\Windows\system32\Tasks
2013-09-27 17:38:29 ----D---- C:\ProgramData\NVIDIA
2013-09-26 19:14:57 ----SHD---- C:\System Volume Information
2013-09-26 06:24:41 ----D---- C:\Windows\system32\catroot2
2013-09-24 23:22:41 ----HD---- C:\ProgramData
2013-09-24 23:17:27 ----SHD---- C:\Windows\Installer
2013-09-24 21:27:58 ----D---- C:\Windows\winsxs
2013-09-24 21:18:02 ----D---- C:\Windows\SysWOW64
2013-09-24 21:17:10 ----RSD---- C:\Windows\assembly
2013-09-24 21:00:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-09-23 05:49:25 ----D---- C:\Program Files (x86)\Common Files
2013-09-23 05:49:14 ----D---- C:\Users\Michal\AppData\Roaming\GarenaPlus
2013-09-23 05:49:14 ----D---- C:\ProgramData\GarenaMessenger
2013-09-23 05:48:52 ----D---- C:\Program Files (x86)\Garena Plus
2013-09-18 05:19:26 ----D---- C:\Windows\rescache
2013-09-16 22:57:50 ----D---- C:\Windows\Microsoft.NET
2013-09-15 19:37:39 ----SD---- C:\ProgramData\Microsoft
2013-09-15 19:32:07 ----D---- C:\Windows\AppPatch
2013-09-15 19:32:06 ----D---- C:\Windows\SYSWOW64\wbem
2013-09-15 19:32:06 ----D---- C:\Windows\SYSWOW64\en-US
2013-09-15 19:32:06 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-09-15 19:32:05 ----D---- C:\Windows\SYSWOW64\migration
2013-09-15 19:32:05 ----D---- C:\Windows\system32\wbem
2013-09-15 19:32:05 ----D---- C:\Windows\system32\migration
2013-09-15 19:32:05 ----D---- C:\Windows\system32\en-US
2013-09-15 19:32:05 ----D---- C:\Windows\system32\drivers\en-US
2013-09-15 19:32:05 ----D---- C:\Windows\system32\drivers
2013-09-15 19:32:05 ----D---- C:\Windows\system32\cs-CZ
2013-09-15 19:32:05 ----D---- C:\Windows\PolicyDefinitions
2013-09-15 19:32:05 ----D---- C:\Program Files (x86)\Internet Explorer
2013-09-15 19:32:04 ----D---- C:\Program Files\Internet Explorer
2013-09-15 19:32:02 ----D---- C:\Program Files\Windows Defender
2013-09-15 19:32:02 ----D---- C:\Program Files (x86)\Windows Defender
2013-09-15 19:32:01 ----D---- C:\Program Files\Windows Journal
2013-09-15 19:31:50 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-09-15 19:31:49 ----RSD---- C:\Windows\Fonts
2013-09-15 19:31:44 ----D---- C:\Windows\system32\DriverStore
2013-09-15 18:32:05 ----D---- C:\Windows\system32\catroot
2013-09-11 17:19:21 ----D---- C:\Users\Michal\AppData\Roaming\Skype
2013-09-10 20:40:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-10 19:48:10 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2013-09-07 13:57:34 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2013-09-07 13:56:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-09-04 15:42:03 ----D---- C:\Windows\system32\LogFiles
2013-09-03 09:49:44 ----D---- C:\Program Files\WinRAR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-28 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2010-01-14 32544]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
R3 athr;Extensible Wireless LAN device driver for Windows 7; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-27 1550848]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-09-23 303616]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-09-23 35328]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-01-26 39808]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-01-26 64256]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-26 158976]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-07-27 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\drivers\nvstusb.sys [2011-10-15 291648]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-09-15 19456]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2010-01-14 29472]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-09-15 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-09-15 30208]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-16 136176]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-09-06 565672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-02 1255736]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2013-09-28 00:18:30
======Uninstall list======
-->MsiExec /X{4EAE665D-957A-4D04-9679-3AD582008877}
µTorrent-->"C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe -maintain plugin
Adobe Reader X (10.1.8) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Advanced SystemCare 6-->"C:\Program Files (x86)\IObit\Advanced SystemCare 6\unins000.exe"
Age of Empires Online-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/105430
Age of Empires Online-->MsiExec.exe /I{4D530FA3-9B89-4186-98B7-F51000008100}
Age of Empires Online-->MsiExec.exe /X{4D530FA3-9B89-4186-98B7-F51000008100}
Aktualizace NVIDIA 1.7.11-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Update
AMD Accelerated Video Transcoding-->MsiExec.exe /X{89EE4A30-080F-2C95-6F78-C98D18FBD74D}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{5E03A267-415E-5383-FA8F-3CE4145663B9} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{12D93D02-3C15-DF08-581F-52E4A1EB0A3D}
AMD Media Foundation Decoders-->MsiExec.exe /X{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}
Catalyst Control Center - Branding-->MsiExec.exe /I{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike(TM)-->MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
Čeština pro GTA IV v1.0.7.0 1.0.7.0-->C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\Uninstall.exe
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564}
Garena Plus-->C:\Program Files (x86)\Garena Plus\uninst.exe
Geeks3D.com FurMark 1.9.1-->"C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.9.1\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Java 7 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Logitech SetPoint 5.20-->MsiExec.exe /I{D3120436-1358-4253-9EB2-257FFE8CE1D9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft IntelliType Pro 8.2-->msiexec.exe /I {8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}
Microsoft IntelliType Pro 8.2-->MsiExec.exe /X{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
NVIDIA Ovladač 3D Vision 295.73-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.12.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 295.73-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 295.73-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{4EAE665D-957A-4D04-9679-3AD582008877}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.12.0209-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.1\NVI2.DLL",UninstallPackage Display.PhysX
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Realtek Ethernet Diagnostic Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}\setup.exe" -runfromtemp -l0x0005 -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E7F6B64E-E11F-3D1C-868D-3F1443DA5A15} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Skype™ 6.1-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
suaveenshARe-->"C:\ProgramData\suaveenshARe\xM07DkGTDb.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""
TP-LINK Wireless Client Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{71BF8787-A67D-4CBC-9155-22927199F4BB}\setup.exe" -runfromtemp -l0x0009 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8C286FD4-AB38-37A6-BC8A-6F16AFE9AB1F} /parameterfolder Client
User's Guides-->MsiExec.exe /I{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}
VLC media player 2.0.4-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 4.11 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
======System event log======
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Spuštěno
Record Number: 27766
Source Name: Service Control Manager
Time Written: 20121024214603.184293-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Zastaveno
Record Number: 27765
Source Name: Service Control Manager
Time Written: 20121024214504.500937-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Klient DNS byl změněn na: Spuštěno
Record Number: 27764
Source Name: Service Control Manager
Time Written: 20121024214004.952029-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Klient DNS byl změněn na: Zastaveno
Record Number: 27763
Source Name: Service Control Manager
Time Written: 20121024211335.480976-000
Event Type: Informace
User:
Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 27762
Source Name: Service Control Manager
Time Written: 20121024205645.174190-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Michal-PC
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1334
Source Name: Microsoft-Windows-EventSystem
Time Written: 20120816123848.000000-000
Event Type: Informace
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 1333
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120724124935.325345-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: WIN-BCOF7N6CGEC
Event Code: 1003
Message: Služba Windows Search byla spuštěna.
Record Number: 1332
Source Name: Microsoft-Windows-Search
Time Written: 20120724124932.000000-000
Event Type: Informace
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.
Record Number: 1331
Source Name: Microsoft-Windows-Search
Time Written: 20120724124931.000000-000
Event Type: Informace
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 103
Message: Windows (2840) Windows: Databázový stroj zastavil instanci (0).
Record Number: 1330
Source Name: ESENT
Time Written: 20120724124931.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: WIN-BCOF7N6CGEC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-BCOF7N6CGEC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x240
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1371
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120724124932.579740-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 4738
Message: Byl změněn uživatelský účet.
Předmět:
ID zabezpečení: S-1-5-21-364043595-4193283426-3867064022-500
Název účtu: Administrator
Doména účtu: WIN-BCOF7N6CGEC
ID přihlášení: 0x2adbe
Cílový účet:
ID zabezpečení: S-1-5-21-364043595-4193283426-3867064022-500
Název účtu: Administrator
Doména účtu: WIN-BCOF7N6CGEC
Změněné atributy:
Název účtu SAM: -
Zobrazovaný název: -
Zaregistrovaný název uživatele: -
Domovský adresář: -
Domovská jednotka: -
Cesta skriptu: -
Cesta profilu: -
Pracovní stanice uživatele: -
Poslední nastavení hesla: -
Vypršení platnosti účtu: -
ID primární skupiny: -
Povolené delegování: -
Původní hodnota UAC: 0x211
Nová hodnota UAC: 0x211
Řízení účtu uživatele: -
Parametry uživatele: -
Historie identifikátoru zabezpečení: -
Přihlašovací hodiny: -
Další informace:
Oprávnění: -
Record Number: 1370
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120724124930.879337-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1369
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120724124927.743731-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-BCOF7N6CGEC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x240
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1368
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120724124927.743731-000
Event Type: Úspěšný audit
User:
Computer Name: WIN-BCOF7N6CGEC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-364043595-4193283426-3867064022-500
Název účtu: Administrator
Název domény: WIN-BCOF7N6CGEC
ID přihlášení: 0x2adbe
Record Number: 1367
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120724124928.757733-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"configsetroot"=%SystemRoot%\ConfigSetRoot
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
"RGSCLauncher"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0
-----------------EOF-----------------